[systemd-devel] Children of systemd user instance can't see root user

Adrian Vovk adrianvovk at gmail.com
Wed Jun 14 18:07:22 UTC 2023


Hello

I've got a problem in my systemd --user instance that I can't quite
grok nor can I explain it very well. Essentially I have no idea what
could possibly be going on. Hoping someone here can help.

Basically, the OS boots and I can log in. Once I do, I experience the
following symptoms:

- Nothing setuid, like /usr/bin/pkexec, works. They all report that
they must be owned by root
- Upon further investigation it turns out all files owned by root/root
are now owned by nobody/nobody
- Dumping the filesystem (unsquashfs -ll /dev/sdX) reveals that the
files are, in fact, owned by root/root on disk
- When executing from outside of my systemd --user instance (i.e. log
in from tty)
  - `id` reports `uid=1000(adrian) gid=100(users) groups=100(users),997(wheel)`
  - `id adrian` reports the same
  - Files that are supposed to be owned by root/root are owned by root/root
  - Files that are supposed to be owned by adrian/users are owned by
adrian/users
- When forked from the systemd --user instance (i.e. in
gnome-terminal, or inside `systemd-run --user -S` on the TTY)
  - `id` reports `uid=1000(adrian) gid=100(users)
groups=100(users),65534(nobody)`
  - `id adrian` reports correctly `uid=1000(adrian) gid=100(users)
groups=100(users),997(wheel)`
  - Files that are supposed to be owned by root/root are owned by nobody/nobody
  - Files that are supposed to be owned by adrian/users are owned by
adrian/users
- If I perform the same experiment but logged in as `root` instead of
`adrian`, the situation reverses: files actually owned by root/root
appear owned by root/root, but files actually owned by adrian/users
appear owned by nobody/nobody

I initially suspected that something is wrong with my PAM
configuration, but it works correctly if I try the commands inside a
shell created with `systemd-run -S --uid=adrian
--property=PAMName=systemd-user`. So, the environment that the systemd
--user instance is executed in is good, but then everything systemd
itself forks off is broken.

Making user@1000.service run w/ debug logging revealed nothing. The
first mention of anything related to this issue is systemd-tmpfiles
quitting because of an unsafe transition from /run/user (owned by
nobody) to /run/user/1000 (owned by adrian).

I'm running a git checkout of systemd 254 at commit
969eb0390f4a94fd95b828ede0588f6c00b293ed.

Does anyone have any idea what could possibly be going on? If you need
more info I'm happy to provide.

Thanks,
Adrian
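One check worth running in both environments described above (a tty login and a shell inside `systemd-run --user -S`): a file whose owner id lies outside a process's user-namespace uid_map is reported to that process as the kernel overflow id, which is the 65534(nobody) seen in the symptoms. The helpers below are an added diagnostic, not part of Adrian's post; they assume the default overflow id 65534 and GNU `stat -c %u`.

```shell
#!/bin/sh
# Added diagnostic helpers (not from the original post). They test the
# hypothesis that ids shown as "nobody" are ids left unmapped by the user
# namespace the process runs in: the kernel reports such ids as
# /proc/sys/kernel/overflowuid (assumed here to be the default 65534).

OVERFLOW_ID=65534

# outer_id_visible MAP_TEXT ID: succeeds when ID (as seen from the parent
# namespace, i.e. the on-disk owner) falls inside a mapped range of a
# /proc/<pid>/uid_map-style text (lines: inside-start outside-start count).
outer_id_visible() {
    printf '%s\n' "$1" | awk -v id="$2" '
        NF == 3 && id + 0 >= $2 + 0 && id + 0 < $2 + $3 { found = 1 }
        END { exit found ? 0 : 1 }'
}

# flag_overflow_groups ID_LINE: prints each entry of the groups= list in a
# line of `id` output whose numeric id equals OVERFLOW_ID (the symptom in
# the post: groups=100(users),65534(nobody)).
flag_overflow_groups() {
    printf '%s\n' "$1" | tr ' ' '\n' | sed -n 's/^groups=//p' \
        | tr ',' '\n' | awk -v ov="$OVERFLOW_ID" -F'[()]' '$1 + 0 == ov + 0'
}

# report PATH: compare PATH's owner as this process sees it against the
# process's own uid_map. Assumes GNU stat (-c %u) and a Linux /proc.
report() {
    owner=$(stat -c %u "$1")
    map=$(cat /proc/self/uid_map)
    if [ "$owner" -eq "$OVERFLOW_ID" ]; then
        echo "$1: owner shown as overflow id $owner; this process's uid_map:"
        echo "$map"
    elif outer_id_visible "$map" "$owner"; then
        echo "$1: owner uid $owner is mapped in this user namespace"
    else
        echo "$1: owner uid $owner is not in this namespace's uid_map"
    fi
}

# Usage (run once from a tty shell, once inside `systemd-run --user -S`):
#   sh diag.sh /usr/bin/pkexec
if [ $# -gt 0 ]; then
    flag_overflow_groups "$(id)"
    report "$1"
fi
```

If the two runs differ only in the uid_map lines, the user instance's children are in a user namespace that does not map uid 0 and gid 997, which would explain both the setuid failures and the nobody-owned files.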

